feat: call gsuite-wrapper on key moments #183
Conversation
|
general comment:
|
|
tests for gsuite wrapper are already there, i don't pipeline them because I want control over them (since it involves many rapid hitting google endpoints and creating/deleting users etc, I want to be careful of the quota) |
|
on tests I mean the following: mocking the request to gsuite-wrapper and checking if it works under different conditions (it returns error, garbage, valid data etc.), I have something similar for mailer so check this out as well |
|
Workflow has been checked, everything that needs to be done is the following;
For the third point, see comment of @serge1peshcoff |
|
On the transliteration of first/last names, check the NAME_REGEX in models/User.js |
| familyName: req.body.last_name | ||
| }, | ||
| secondaryEmail: req.body.email, | ||
| password: crypto.createHash('sha1').update(JSON.stringify(req.body.password)).digest('hex'), |
There was a problem hiding this comment.
@linuxbandit as per https://stackoverflow.com/questions/24925304/in-googles-directory-api-what-hash-format-is-required-when-crypt-is-provided we can also use SHA-512, can you try that in GSuiteWrapper?
There was a problem hiding this comment.
@serge1peshcoff this is what needs to be changed in GSuiteWrapper
There was a problem hiding this comment.
ah okay, haven't seen this comment somehow
There was a problem hiding this comment.
That's because we use the same function in two places. So it's good if we move it to a class where we can just define it once and call it twice
| @@ -52,6 +52,8 @@ exports.createBody = async (req, res) => { | |||
| return errors.makeForbiddenError(res, 'Permission global:create:body is required, but not present.'); | |||
| } | |||
|
|
|||
| // TODO: if antenna, contact antenna or contact, then create GSuite account | |||
| @@ -65,6 +67,8 @@ exports.updateBody = async (req, res) => { | |||
| return errors.makeForbiddenError(res, 'Permission update:body is required, but not present.'); | |||
| } | |||
|
|
|||
| // TODO: if antenna, contact antenna or contact, then update GSuite account if needed | |||
| @@ -89,6 +93,7 @@ exports.setBodyStatus = async (req, res) => { | |||
| await BodyMembership.destroy({ where: { body_id: req.currentBody.id }, transaction: t }); | |||
| await Circle.destroy({ where: { body_id: req.currentBody.id }, transaction: t }); | |||
| await Payment.destroy({ where: { body_id: req.currentBody.id }, transaction: t }); | |||
| // TODO: suspend GSuite account (if attached) | |||
| @@ -122,6 +127,7 @@ exports.createMember = async (req, res) => { | |||
| body_id: req.currentBody.id | |||
| }); | |||
|
|
|||
| // TODO: create active GSuite account | |||
There was a problem hiding this comment.
Nevermind, this should create a GSuite account for new users. That should be implemented at the start already
| @@ -63,6 +64,18 @@ exports.updateUser = async (req, res) => { | |||
| } | |||
|
|
|||
| await req.currentUser.update(req.body, { fields: constants.FIELDS_TO_UPDATE.USER.UPDATE }); | |||
|
|
|||
| // TODO: update first/late name to GSuite account (if there is an account attached) | |||
There was a problem hiding this comment.
I mention it here, but it goes for the whole file; not every user will have a GSuite account attached (mostly older accounts) so we also need to check that we only do things if an account is attached
WikiRik
force-pushed
the
feat/add-calls-to-gsuite-wrapper
branch
from
01d41c3
to
e23e889
Compare
lib/cron.js
Outdated
| @@ -1,4 +1,5 @@ | |||
| const cron = require('node-cron'); | |||
| const superagent = require('superagent'); | |||
There was a problem hiding this comment.
you don't need superagent as an extra dependency for it, we have request and request-promise-native already
There was a problem hiding this comment.
I know, Fabri added it before and I just kept it there. It will be replaced before it will be merged
| @@ -36,6 +36,7 @@ exports.registerUser = async (req, res) => { | |||
| }); | |||
|
|
|||
| // TODO: add uniqueness check; transliterate gsuiteEmail in case of umlauts or other special characters | |||
| // TODO: probably move this elsewhere since not all MyAEGEE users need a GSuite account | |||
| const gsuiteEmail = req.body.first_name + '.' + req.body.last_name + '@' + constants.GSUITE_DOMAIN; | |||
| const payload = { | |||
There was a problem hiding this comment.
better to do it this way: have a file to contain all gsuite functions (or even better, make it a class, like GSuiteClient, create instance of it and assign it to something like req.gsuiteClient), then you can reference this class instead of having this logic in a middleware itself
| // await superagent.post('gsuite-wrapper:8084/accounts?SETPASS') | ||
| if (req.currentUser.gsuite_id) { | ||
| const payload = { | ||
| password: crypto.createHash('sha1').update(JSON.stringify(req.body.password)).digest('hex') |
There was a problem hiding this comment.
github complains here, is it okay? if it is, can it be muted?
There was a problem hiding this comment.
This needs to be fixed in GSuiteWrapper itself first, we can temporarily mute it if we merge this before
Also fixed linter and installed superagent. Superagent will have to be removed to use request
This is not in the scope of the current issues, so I removed it from here
Not all merge conflicts were resolved correctly
WikiRik
force-pushed
the
feat/add-calls-to-gsuite-wrapper
branch
from
9b38d70
to
c4f0fab
Compare
we can change superagent if needed. Some things are still quite rough and only placeholders.
The things that needs work are: